Recent advances in network technology have led to the widespread use of network systems in which multiple client devices share a service device connected to the network. The service device may be any of various devices, including printers, cameras, displays, information processing devices such as supercomputers and other special-purpose computers, and data recording devices.
The user of each client device may send a service demand to the service device without checking the working status of the service device. If, however, the service device has any failure or trouble, the client device is required to send the service demand again.
Incidentally, security of services via a network is provided by various methods.
One rather primitive method does not keep the service device permanently connected to the network but uses a dial-up connection to connect the service device to the network each time a service is desired. Another method places a firewall in the service device. In these environments, however, the client device and the service device cannot establish a one-to-one connection at an arbitrary timing. The client device is allowed to check the working status of the service device and resend the service demand to the service device only at restricted timings.
Another security method is encrypted communication. Known cryptographic techniques include common key cryptosystems like DES (Data Encryption Standard) and public key cryptosystems like SSL (Secure Sockets Layer).
FIG. 21 is an explanatory view showing security communication in a public key cryptosystem. A server keeps a private key for decryption prepared in advance. A client device prepares in advance a common key to be shared with the server and holds a public key corresponding to the private key kept by the server. The client device receives the public key from the server in non-encrypted communication.
At timing Sa101, the server sends the public key to the client device. At timing Sa103, the client device encrypts the common key with the received public key and sends the resulting cipher data to the server. At timing Sa105, the server decrypts this cipher data, so that the common key is shared by the server and the client device.
The common key is used for the subsequent communication. The server encrypts communication data with the common key and sends the encrypted communication data to the client device at timing Sa201. The client device decrypts the encrypted communication data with the common key at timing Sa203. The client device sends data in similar security communication at timings Sa301 and Sa303.
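The FIG. 21 exchange as an added Go example (not part of the original document), with both roles run in one process. RSA-OAEP and AES-GCM are this example's choices for the public key and common key algorithms, and the function names and sample message are assumptions; the last step shows that a party holding a different private key cannot unwrap the common key sent at Sa103.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// must aborts the demo on an unexpected error so the exchange stays readable.
func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// gcm builds the common-key cipher. AES-GCM is this example's choice; the page names DES.
func gcm(key []byte) cipher.AEAD {
	return must(cipher.NewGCM(must(aes.NewCipher(key))))
}

// Exchange replays FIG. 21 in one process. It reports whether both ends hold the
// same common key, what the client recovers at Sa203, and whether a party
// holding a different private key fails to unwrap the Sa103 message.
func Exchange(msg []byte) (sameKey bool, plain []byte, strangerFails bool) {
	priv := must(rsa.GenerateKey(rand.Reader, 2048)) // server: private key prepared in advance
	pub := &priv.PublicKey                           // Sa101: sent to the client unencrypted
	common := make([]byte, 32)                       // client: common key
	must(rand.Read(common))
	wrapped := must(rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, common, nil))  // Sa103
	srvKey := must(rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, wrapped, nil)) // Sa105
	nonce := make([]byte, 12)
	must(rand.Read(nonce))
	ct := gcm(srvKey).Seal(nonce, nonce, msg, nil)             // Sa201: nonce || ciphertext
	plain = must(gcm(common).Open(nil, ct[:12], ct[12:], nil)) // Sa203
	other := must(rsa.GenerateKey(rand.Reader, 2048))          // constructed: unrelated key pair
	_, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, other, wrapped, nil)
	return bytes.Equal(srvKey, common), plain, err != nil
}

func main() {
	same, plain, fails := Exchange([]byte("toner low")) // constructed sample message
	fmt.Println(same, string(plain), fails)
}
```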
However, these security communications impose a heavy management load on the system, including installation, update, and confidentiality of the private key. Especially when the client device is a device like a printer, strict management of the private key faces significant difficulties. Such a device is generally located at a place infrequently accessed by the users, compared with other ordinary client devices, and, due to cost restrictions, often has an insufficient hardware or software security mechanism to prevent illicit and unauthorized accesses. Establishing security communications with multiple client devices requires management of private keys for all of those client devices. This undesirably increases the management load.